The Ministry of Health and Social Services (MoHSS) plans to redeploy its Pharmaceutical Management Information System (PMIS) dashboard in a more secure environment following a cyber-attack on December 13, 2024.
The Ministry’s Executive Director, Ben Nangombe, confirmed that the redeployment will include updated security patches, a reset of all user login credentials, and registration limited to essential users only.
To minimize vulnerabilities, the dashboard will be hosted within the Ministry’s internal network, with Internet access restricted. Additionally, strict password policies will be enforced to prevent future compromises.
“The dashboard will be deployed in a new environment with updated security patches, and all user login credentials will be reset. Only essential users will be registered, and the dashboard will be hosted within the Ministry’s internal network, restricting Internet access,” said Nangombe.
The cyber-attack targeted the Ministry’s servers and dashboards, compromising aggregated stock levels, patient statistics from public health facility pharmacies, and pharmaceutical management performance indicators. Nangombe emphasized that while a full analysis of the dashboard’s underlying database is ongoing, there is no evidence that personally identifiable patient records were accessed.
However, he confirmed that the names and email addresses of primary users—mainly healthcare workers in pharmacy departments—were accessed. Additionally, shared website files and database schemas were also compromised.
“The names and email addresses of primary users of the dashboard, such as healthcare workers, primarily pharmacy personnel, were part of the data that was accessed,” he said.
“The breach prompted an immediate response from the Ministry’s IT team, who manually shut down and isolated the hosting server to prevent further damage and contain the attack from spreading to other systems within the Ministry’s network.”
The PMIS dashboard is a web-based platform designed to provide aggregated data on the stock status of essential medicines and patient numbers across public health facilities in Namibia. It plays a critical role in decision-making for pharmaceutical supply planning and health commodity redistribution. The Ministry clarified that the platform does not store personally identifiable patient data.
As the Ministry works to restore the PMIS dashboard in a more secure environment, Nangombe assured the public that all measures are being taken to strengthen cybersecurity and protect sensitive health data.
